Huggingface
AI Threat Alert tracks 30 known AI/ML vulnerabilities affecting Huggingface products — each enriched with CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis. Browse every Huggingface CVE below, sorted by severity and recency.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2025-5197 | Transformers: ReDoS in TF-to-PyTorch weight converter | transformers | 5.3 |
| HIGH | CVE-2025-6921 | Transformers: ReDoS in optimizer halts training pipelines | transformers | 7.5 |
| MEDIUM | CVE-2023-2800 | Transformers: temp file race condition allows local DoS | transformers | 4.7 |
| HIGH | CVE-2023-6730 | HuggingFace Transformers: RCE via unsafe deserialization | transformers | 8.8 |
| HIGH | CVE-2023-7018 | Transformers: unsafe deserialization enables RCE on load | transformers | 7.8 |
| CRITICAL | CVE-2024-3568 | HuggingFace Transformers: RCE via pickle deserialization | transformers | 9.6 |
| HIGH | CVE-2024-12720 | Transformers: ReDoS in Nougat tokenizer causes DoS | transformers | 7.5 |
| MEDIUM | CVE-2025-1194 | transformers: ReDoS in GPT-NeoX Japanese tokenizer | transformers | 6.5 |
| HIGH | CVE-2025-2099 | transformers: ReDoS in testing_utils causes DoS | transformers | 7.5 |
| HIGH | CVE-2025-3262 | Transformers: ReDoS in chat.py causes CPU exhaustion | transformers | 7.5 |
| CRITICAL | CVE-2025-5120 | smolagents: sandbox escape enables unauthenticated RCE | smolagents | 10.0 |
| CRITICAL | CVE-2026-2654 | smolagents: SSRF allows internal network access | smolagents | 9.8 |
| HIGH | CVE-2024-11392 | HuggingFace Transformers: RCE via config deserialization | transformers | 8.8 |
| HIGH | CVE-2024-11393 | Transformers: RCE via MaskFormer model deserialization | transformers | 8.8 |
| HIGH | CVE-2024-11394 | Transformers: RCE via Trax model deserialization | transformers | 8.8 |
| MEDIUM | CVE-2025-3263 | Transformers: ReDoS in config loader causes serving DoS | transformers | 5.3 |
| MEDIUM | CVE-2025-3264 | Transformers: ReDoS in dynamic module loader causes DoS | transformers | 5.3 |
| LOW | CVE-2025-3777 | Transformers: URL validation bypass exposes image pipeline | transformers | 3.5 |
| MEDIUM | CVE-2025-3933 | Transformers: ReDoS in DonutProcessor causes DoS | transformers | 5.3 |
| HIGH | CVE-2025-6638 | HuggingFace Transformers: ReDoS in MarianTokenizer | transformers | 7.5 |
Page 1 of 2
Frequently asked questions
How many known vulnerabilities affect Huggingface?
30 AI/ML CVEs affecting Huggingface products are tracked, sourced from NVD and GitHub Advisory.
What Huggingface products are affected?
The CVEs below map to the Huggingface AI/ML packages and tools tracked by AI Threat Alert; open any CVE to see the affected components and versions.
Where does the Huggingface vulnerability data come from?
Data is sourced from NVD and GitHub Advisory, then enriched with CVSS severity, EPSS exploit probability, and patch status for each CVE.
How can I monitor Huggingface for new vulnerabilities?
AI Threat Alert tracks Huggingface continuously; a Pro subscription adds breaking alerts when new CVEs affecting Huggingface are published.
How do I assess Huggingface's security exposure?
Each CVE below carries CVSS severity and exploitation signals, so you can review the highest-severity Huggingface issues first and judge the exposure for your stack.